I'm experiencing a really strange problem with Apache::AuthCookie and
Internet Explorer. Every now and then when I try and access a protected
URL, I never see the login page.
If I close the window, and open a new one, it works just fine. This is the
case even if there are other windows open. In otherwords, I don't have to
close all the IE windows to get in.
I do not know if this same error occurs with Mozilla.
If I inspect the logs, I see this: (with Apache::AuthCookie debugging turned
on):
(Application Server Error Log)
[Thu Jul 11 09:06:51 2002] [error] auth_type Foo::Apache::AuthCookieHandler
[Thu Jul 11 09:06:51 2002] [error] auth_name Bar
[Thu Jul 11 09:06:51 2002] [error] ses_key_cookie
[Thu Jul 11 09:06:51 2002] [error] uri /rc/
[Thu Jul 11 09:06:51 2002] [error] auth_type Foo::Apache::AuthCookieHandler
[Thu Jul 11 09:06:51 2002] [error] auth_name Bar
[Thu Jul 11 09:06:51 2002] [error] ses_key_cookie
[Thu Jul 11 09:06:51 2002] [error] uri /rc/
[Thu Jul 11 09:06:51 2002] [error] auth_type Foo::Apache::AuthCookieHandler
[Thu Jul 11 09:06:51 2002] [error] auth_name Bar
[Thu Jul 11 09:06:51 2002] [error] ses_key_cookie
[Thu Jul 11 09:06:51 2002] [error] uri /rc/
[Thu Jul 11 09:06:51 2002] [error] auth_type Foo::Apache::AuthCookieHandler
[Thu Jul 11 09:06:51 2002] [error] auth_name Bar
[Thu Jul 11 09:06:51 2002] [error] ses_key_cookie
[Thu Jul 11 09:06:51 2002] [error] uri /rc/
(Application Server Access Log)
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
127.0.0.1 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.0" 403 1542
The browser and the server are locked in this conversation where the browser
continually requests the protected URI. If I look in the access logs, I see
this:
(Front-end light Proxy Logs)
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /styles.css HTTP/1.1"
200 3495
xxx.10.67.255 - - [11/Jul/2002:09:06:51 -0600] "GET /rc/ HTTP/1.1" 200 1542
Any ideas what's going on? It almost seems like AuthCookie is getting
confused and not redirecting the user to the correct URL - instead of the
login page, it get's redirected back to the initial url, which is protected,
and thus starts the entire cycle over again.
Proxy: Apache/1.3.23 (Unix) mod_gzip/1.3.19.1a mod_ssl/2.8.7 OpenSSL/0.9.6c
App: Apache/1.3.23 (Unix) mod_perl/1.26
Perl: 5.6.1
Apache::AuthCookie: 3.02
-klm.
